[Git][security-tracker-team/security-tracker][master] Track fixed CVEs for linux upload via unstable

Wed Nov 3 14:47:59 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
030d13f3 by Salvatore Bonaccorso at 2021-11-03T15:47:08+01:00
Track fixed CVEs for linux upload via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -81,7 +81,7 @@ CVE-2021-3923
 CVE-2021-3922
 	RESERVED
 CVE-2021-43267 (An issue was discovered in net/tipc/crypto.c in the Linux kernel befor ...)
-	- linux <unfixed>
+	- linux 5.14.16-1
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 (5.15)
@@ -1561,7 +1561,7 @@ CVE-2021-43047
 CVE-2021-43046
 	RESERVED
 CVE-2021-43056 (An issue was discovered in the Linux kernel for powerpc before 5.14.15 ...)
-	- linux <unfixed>
+	- linux 5.14.16-1
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/cdeb5d7d890e14f3b70e8087e745c4a6a7d9f337 (5.15-rc6)
@@ -2086,7 +2086,7 @@ CVE-2021-42813
 	RESERVED
 CVE-2021-3896 [isdn: cpai: check ctr->cnr to avoid array index out of bound]
 	RESERVED
-	- linux <unfixed>
+	- linux 5.14.16-1
 	NOTE: https://www.openwall.com/lists/oss-security/2021/10/19/1
 	NOTE: https://git.kernel.org/linus/1f3e2e97c003f80c4b087092b225c8787ff91e4d
 CVE-2021-42812
@@ -2273,7 +2273,7 @@ CVE-2021-42740 (The shell-quote package before 1.7.3 for Node.js allows command
 	- node-shell-quote <unfixed>
 	NOTE: https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe (1.7.3)
 CVE-2021-42739 (The firewire subsystem in the Linux kernel through 5.14.13 has a buffe ...)
-	- linux <unfixed>
+	- linux 5.14.16-1
 	NOTE: https://seclists.org/oss-sec/2021/q2/46
 	NOTE: https://lore.kernel.org/linux-media/YHaulytonFcW+lyZ@mwanda/
 CVE-2021-42738
@@ -4380,7 +4380,7 @@ CVE-2022-20012
 CVE-2021-42328
 	RESERVED
 CVE-2021-42327 (dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu ...)
-	- linux <unfixed>
+	- linux 5.14.16-1
 	[buster] - linux <not-affected> (Vulnerability introduced later)
 	[stretch] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://lists.freedesktop.org/archives/amd-gfx/2021-October/070170.html
@@ -8578,7 +8578,7 @@ CVE-2021-3773
 	TODO: fill in tracking details
 CVE-2021-3772 [Invalid chunks may be used to remotely remove existing associations]
 	RESERVED
-	- linux <unfixed>
+	- linux 5.14.16-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2000694
 CVE-2021-3771
 	RESERVED
@@ -8983,7 +8983,7 @@ CVE-2021-3761 (Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into
 	NOTE: https://github.com/cloudflare/cfrpki/commit/a8db4e009ef217484598ba1fd1c595b54e0f6422
 CVE-2021-3760
 	RESERVED
-	- linux <unfixed> (unimportant)
+	- linux 5.14.16-1 (unimportant)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/10/26/2
 	NOTE: https://git.kernel.org/linus/1b1499a817c90fd1ce9453a2c98d2a01cca0e775 (5.15-rc6)
 	NOTE: CONFIG_NFC_NCI is not set in Debian



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/030d13f3d739f395224aa4fb738a1e8f437380f4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/030d13f3d739f395224aa4fb738a1e8f437380f4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211103/2ecd898e/attachment.htm>
